DOCSLIB.ORG

Radio-Frequency Identification (RFID): a Focus on Information Security and Privacy”, OECD Digital Economy Papers, No

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Please cite this paper as: OECD (2008-01-14), “Radio-Frequency Identification (RFID): A Focus on Information Security and Privacy”, OECD Digital Economy Papers, No. 138, OECD Publishing, Paris. http://dx.doi.org/10.1787/230618820755 OECD Digital Economy Papers No. 138 Radio-Frequency Identification (RFID) A FOCUS ON INFORMATION SECURITY AND PRIVACY OECD Unclassified DSTI/ICCP/REG(2007)9/FINAL Organisation de Coopération et de Développement Economiques Organisation for Economic Co-operation and Development 14-Jan-2008 ___________________________________________________________________________________________ English - Or. English DIRECTORATE FOR SCIENCE, TECHNOLOGY AND INDUSTRY COMMITTEE FOR INFORMATION, COMPUTER AND COMMUNICATIONS POLICY Unclassified DSTI/ICCP/REG(2007)9/FINAL Working Party on Information Security and Privacy RADIO FREQUENCY IDENTIFICATION (RFID): A FOCUS ON INFORMATION SECURITY AND PRIVACY www.oecd.org/sti/security-privacy English - Or. English JT03238682 Document complet disponible sur OLIS dans son format d'origine Complete document available on OLIS in its original format DSTI/ICCP/REG(2007)9/FINAL FOREWORD This report was prepared by the Secretariat with the assistance of Nick Mansfield, consultant to the OECD. The first draft benefitted from initial input from Francis Aldhouse, consultant to the OECD. It includes comments and suggestions from OECD member countries, business and civil society. The report was discussed by the Working Party on Information Security and Privacy in October 2007 and declassified by the Committee for Information, Computer and Communications Policy on 17 December 2007. It is published under the responsibility of the Secretary-General of the OECD. © 2008 OECD/OCDE. 2 DSTI/ICCP/REG(2007)9/FINAL TABLE OF CONTENTS EXECUTIVE SUMMARY ............................................................................................................................ 4 INTRODUCTION .......................................................................................................................................... 8 1. UNDERSTANDING RFID ...................................................................................................................... 10 1.1. A broad concept for a complex technology .............................................................................. 11 1.2. Hardware components .............................................................................................................. 12 1.3. Electromagnetic communication .............................................................................................. 16 1.4. Software and network components ........................................................................................... 23 2. INFORMATION SECURITY AND PRIVACY ...................................................................................... 25 2.1. Information security .................................................................................................................. 25 2.1.1. Typology of risks .................................................................................................................. 26 2.1.2. Security controls ................................................................................................................... 33 2.1.3. A holistic approach ............................................................................................................... 35 2.1.4. Adjusting security level to what is at stake ........................................................................... 36 2.2. Privacy ...................................................................................................................................... 37 2.2.1 Overview of privacy challenges ............................................................................................ 38 2.2.2 Possible safeguards ............................................................................................................... 41 CONCLUSION ............................................................................................................................................. 50 ANNEX I. EXAMPLES OF RFID STANDARDS ...................................................................................... 52 ANNEX II. NFC, UWB, ZIGBEE, RUBEE, WI-FI, ULTRASONIC TECHNOLOGIES ......................... 54 ANNEX III. SECURITY EXPLOITS .......................................................................................................... 57 ANNEX IV. THE ELECTRONIC PRODUCT CODE (EPC) NUMBER STRUCTURE ........................... 59 ANNEX V. EXAMPLES OF PRIVACY REFERENCES ........................................................................... 60 BIBLIOGRAPHY ......................................................................................................................................... 63 3 DSTI/ICCP/REG(2007)9/FINAL RADIO FREQUENCY IDENTIFICATION (RFID): A FOCUS ON INFORMATION SECURITY AND PRIVACY EXECUTIVE SUMMARY The deployment of Radio Frequency Identification (RFID) in a large number of application areas is promising. This paper introduces the main characteristics of RFID technologies and focuses on the information security and privacy aspects of RFID in the short term. It will be complemented by an overview of RFID applications and an analysis of economic aspects of RFID carried out by the OECD Working Party on the Information Economy (WPIE).1 Later on, and based on both sets of work, a common set of policy principles related to RFID will be developed.2 This report represents the first step of OECD work related to sensor-based environments. Follow-up work will address security and privacy issues raised by a number of possible longer-term trends such as the generalisation of object tagging (pervasive RFID), of open loop RFID and of other sensors and sensor networks that can monitor the environment. A varied and complex technology RFID is a convenient and popular term for a technology with vague boundaries and many facets. Radio-frequency identification is not always based on radio-frequency communications and identification is only one among the many functions RFID technology can perform. Rather, RFID enables data collection with contactless electronic tags and wireless transmitters (readers) for identification and other purposes. It can be seen as a first step towards sensor-based environments. Understanding the capabilities and limitations of RFID technology is essential because the likelihood of several potential security and privacy risks varies according to the type of RFID technology used as much as according to the context in which RFID is implemented. The paper therefore provides basic information on RFID technology, including elements regarding standards, hardware and software components, frequency ranges, modes of operation (electromagnetic induction or radio-waves) and operation ranges. Information security aspects There are a large number of potential risks to RFID tags, readers and tag-reader communication that implicate each of the three classical dimensions of security: availability, integrity and confidentiality. Examples include denial of service, jamming, cloning, eavesdropping and skimming. Malware using tags as a vector for dissemination has also been identified as a potential risk. Tags and readers are not the only components of RFID systems that require security protection. Software (middleware), network and database components are also subject to information security risks. RFID security risks are not theoretical: a number of vulnerable security products and systems, sometimes deployed at very large scale, have been 1 . See OECD (2007b, c). 2 . DSTI/ICCP/IE/REG(2007)1. 4 DSTI/ICCP/REG(2007)9/FINAL discovered by researchers or reported in the press. However, many of these potential risks are more or less likely to occur depending on the type of RFID technology used (e.g. eavesdropping is less likely when magnetic induction is used because the operation range is very short). Ensuring RFID security requires a mix of technical and non-technical controls to prevent and mitigate risk. A number of technical controls are available. However, their degree of sophistication, robustness, complexity and cost varies. As a result, there is no one-size-fits-all RFID security measure that would efficiently address a given class of risks in all possible situations and at low cost. The development of well tailored and innovative technical security safeguards for RFID may therefore be a critical success factor for large scale deployment of RFID in many areas. As mentioned above, not only do risks to RFID systems vary considerably according to the technology used, they also vary depending on the application contexts and scenarios. Consistent with the OECD Security Guidelines, risk assessment and risk management can help address the security of RFID systems. A holistic approach to risk (e.g. carefully considering each stage of the system’s life – planning, deployment, operation, data processing and end of life – and each component of the system – tags and readers, middleware, databases, back-end and network components) is required to develop an overall security strategy. The risk evaluation and management strategy help identify the necessity to strengthen specific parts of the system in order to compensate for some weaknesses that cannot be addressed directly. Like any technology, adjusting RFID security to the appropriate level requires striking the right balance between the value of the assets
Recommended publications
  • Guidelines for Securing Radio Frequency Identification (RFID) Systems

    Guidelines for Securing Radio Frequency Identification (RFID) Systems

    Special Publication 800-98 Guidelines for Securing Radio Frequency Identification (RFID) Systems Recommendations of the National Institute of Standards and Technology Tom Karygiannis Bernard Eydt Greg Barber Lynn Bunn Ted Phillips NIST Special Publication 800-98 Guidelines for Securing Radio Frequency Identification (RFID) Systems Recommendations of the National Institute of Standards and Technology Tom Karygiannis Bernard Eydt Greg Barber Lynn Bunn Ted Phillips C O M P U T E R S E C U R I T Y Computer Security Division Information Technology Laboratory National Institute of Standards and Technology Gaithersburg, MD 20899-8930 April 2007 US Department of Commerce Carlos M. Gutierrez, Secretary Technology Administration Robert C. Cresanti, Under Secretary of Commerce for Technology National Institute of Standards and Technology William Jeffrey, Director GUIDELINES FOR SECURING RFID SYSTEMS Reports on Computer Systems Technology The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the US economy and public welfare by providing technical leadership for the nation’s measurement and standards infrastructure. ITL develops tests, test methods, reference data, proof of concept implementations, and technical analysis to advance the development and productive use of information technology. ITL’s responsibilities include the development of technical, physical, administrative, and management standards and guidelines for the cost-effective security and privacy of sensitive unclassified information in Federal computer systems. Special Publication 800-series documents report on ITL’s research, guidelines, and outreach efforts in computer security and its collaborative activities with industry, government, and academic organizations. National Institute of Standards and Technology Special Publication 800-98 Natl.
  • Implementation Guideline

    Implementation Guideline

    IMPLEMENTATION GUIDELINE Using the GS1 System for U.S. FDA Unique Device Identification (UDI) Requirements FOR SUPPLIERS & RECE IVERS R 1 . 1 – S E P 1 2 2 0 1 4 IMPLEMENTATION GUIDELINE: USING THE GS1 SYSTEM FOR U.S. FDA UDI REQUIREMENTS R1.1 — SEP 12 2014 CONTENTS PART 1: PREFACE ................................................................................................................................................................ 5 1 INTRODUCTION.................................................................................................................................................................... 6 2 DOCUMENT INFORMATION ................................................................................................................................................... 7 2.1 Purpose ............................................................................................................................................................... 7 2.2 Audience ............................................................................................................................................................. 7 2.3 Scope .................................................................................................................................................................. 7 2.4 Normative References......................................................................................................................................... 8 2.5 Additional Resources .........................................................................................................................................
  • Tesi Definitiva

    Tesi Definitiva

    UNIVERSITA’ DEGLI STUDI DI TORINO FACOLTA’ DI ECONOMIA CORSO DI LAUREA IN ECONOMIA E DIREZIONE DELLE IMPRESE RELAZIONE DI LAUREA INNOVATIVI DISPOSITIVI TECNOLOGICI PER UNA MAGGIORE INFORMAZIONE DEL CONSUMATORE NEL SETTORE AGROALIMENTARE: UNO STUDIO AL SALONE DEL GUSTO 2010 Relatore: Prof. Giovanni Peira Correlatori: Prof. Luigi Bollani Dott. Sergio Arnoldi Candidato: Andrea Gino Sferrazza ANNO ACCADEMICO 2010/2011 Ringraziamenti Ringrazio per la stesura di questo lavoro: - il Prof. Giovanni Peira del Dipartimento di Scienze Merceologiche, per avermi seguito e aiutato durante questo lavoro, fornendomi parte del materiale di studio, indicandomi alcune persone cruciali per la buona riuscita della stesura e per la sua completa disponibilità durante quesi mesi di ricerche; - il Prof. Luigi Bollani, del Dipartimento di Statistica e Matematica applicata “Diego de Castro”, per il suo fondamentale contributo nell’impostazione e nell’elaborazione del questionario, proposto durante il Salone del Gusto 2010; - il Dott. Sergio Arnoldi, coordinatore dell’Area Promozione Agroalimentare della Camera di commercio di Torino, il quale ha messo a disposizione tempo e risorse preziose per questo progetto di ricerca, sempre con molta professionalità e competenza; - il Dott. Alessandro Bonadonna del Dipartimento di Scienze Merceologiche, per avermi fornito preziosi spunti per la trattazione; - tutti coloro che mi hanno supportato nella stesura ed elaborazione del questionario, rendendo possibile il raggiungimento degli obiettivi prefissati nei tempi prestabiliti. Ringraziamenti particolari Il primo ringraziamento va a mia madre, l’unica vera persona che mi ha accompagnato in ogni momento durante il mio percorso di studio. Senza di lei, non avrei potuto raggiungere questo importante traguardo. Questo risultato lo divido con te.
  • Introducing a Micro-Wireless Architecture for Business Activity Sensing,” Proc

    Introducing a Micro-Wireless Architecture for Business Activity Sensing,” Proc

    Pre-print Manuscript of Article: Bridgelall, R., “Introducing a Micro-wireless Architecture for Business Activity Sensing,” Proc. IEEE International Conference on RFID, Las Vegas, NV, pp. 156-164, April 16 – 17, 2008. Introducing a Micro-wireless Architecture for Business Activity Sensing Raj Bridgelall, Senior Member, IEEE Abstract—RFID performance deficiencies discovered in architectures in a manner that enables existing application recent high profile applications have highlighted the danger of requirements to be more readily addressed. This new selecting only passive tags for an application because of their architecture also enables applications that were not lowest cost relative to other types of RFID tags. previously possible. Consequentially, battery-based RFID technologies are being considered to fill those performance gaps. A mix of both A. Passive RFID passive and battery-based RFID technologies can provide a more cost effective and robust solution than a homogeneous Passive RFID systems have improved substantially since the RFID deployment. However, it is easy to choose the wrong introduction of first generation of ultra high frequency battery-based RFID technology given the confusing array of (UHF) systems. Improvements in range and interoperability, choices currently available. This paper explores the multi-tag arbitration speed, and interference susceptibility performance deficiencies of both passive and battery-based were promised and delivered with the ratification of EPC RFID technologies. A new micro-wireless technology that Class I Generation 2 (C1G2) and the ISO 18000-6 resolves these performance deficiencies is then introduced. Finally an application example is presented that demonstrates standards [1]. Although passive UHF RFID performance how the new technology can also seamlessly roam between enhancements, cost reduction, and end-user mandates helped passive and battery-based RFID infrastructures at the lowest to improve the technology adoption rate, the level of possible cost to bridge their respective performance gaps.
  • 3. WIRELESS NETWORKS/WI-FI What Is a Wireless Network?

    3. WIRELESS NETWORKS/WI-FI What Is a Wireless Network?

    1 Technological FOUNDATIONS FOR CONVERGENCE(3) 1. Digitization/Digital Storage 2. Networking/Broadband 3. WIRELESS/WI-FI 4. SPECTRUM MANAGEMENT 3. WIRELESS NETWORKS/WI-FI What Is a Wireless Network?: The Basics http://www.cisco.com/cisco/web/solutions/small_business/resource_center/articles/w ork_from_anywhere/what_is_a_wireless_network/index.html Five Qustions to Start With What is a wireless network? How is it different from a wired network? And what are the business benefits of a wireless network? The following overview answers basic questions such as What is a wireless network?, so you can decide if one is right for your business. What Is a Wireless Network? A wireless local-area network (LAN) uses radio waves to connect devices such as laptops to the Internet and to your business network and its applications. When you connect a laptop to a WiFi hotspot at a cafe, hotel, airport lounge, or other public place, you're connecting to that business's wireless network. What Is a Wireless Network vs. a Wired Network? A wired network connects devices to the Internet or other network using cables. The most common wired networks use cables connected to Ethernet ports on the network router on one end and to a computer or other device on the cable's opposite end. What Is a Wireless Network? Catching Up with Wired Networks In the past, some believed wired networks were faster and more secure than wireless networks. But continual enhancements to wireless networking standards and technologies have eroded those speed and security differences. What Is a Wireless Network?: The Benefits Small businesses can experience many benefits from a wireless network, including: • Convenience.
  • Wireless Network Communications Overview for Space Mission Operations

    Wireless Network Communications Overview for Space Mission Operations

    CCSDS Historical Document This document’s Historical status indicates that it is no longer current. It has either been replaced by a newer issue or withdrawn because it was deemed obsolete. Current CCSDS publications are maintained at the following location: http://public.ccsds.org/publications/ CCSDS HISTORICAL DOCUMENT Report Concerning Space Data System Standards WIRELESS NETWORK COMMUNICATIONS OVERVIEW FOR SPACE MISSION OPERATIONS INFORMATIONAL REPORT CCSDS 880.0-G-1 GREEN BOOK December 2010 CCSDS HISTORICAL DOCUMENT Report Concerning Space Data System Standards WIRELESS NETWORK COMMUNICATIONS OVERVIEW FOR SPACE MISSION OPERATIONS INFORMATIONAL REPORT CCSDS 880.0-G-1 GREEN BOOK December 2010 CCSDS HISTORICAL DOCUMENT CCSDS REPORT CONCERNING INTEROPERABLE WIRELESS NETWORK COMMUNICATIONS AUTHORITY Issue: Informational Report, Issue 1 Date: December 2010 Location: Washington, DC, USA This document has been approved for publication by the Management Council of the Consultative Committee for Space Data Systems (CCSDS) and reflects the consensus of technical panel experts from CCSDS Member Agencies. The procedure for review and authorization of CCSDS Reports is detailed in the Procedures Manual for the Consultative Committee for Space Data Systems. This document is published and maintained by: CCSDS Secretariat Space Communications and Navigation Office, 7L70 Space Operations Mission Directorate NASA Headquarters Washington, DC 20546-0001, USA CCSDS 880.0-G-1 Page i December 2010 CCSDS HISTORICAL DOCUMENT CCSDS REPORT CONCERNING INTEROPERABLE WIRELESS NETWORK COMMUNICATIONS FOREWORD This document is a CCSDS Informational Report, which contains background and explanatory material to support the CCSDS wireless network communications Best Practices for networked wireless communications in support of space missions. Through the process of normal evolution, it is expected that expansion, deletion, or modification of this document may occur.
  • GS1 Healthcare US® Implementation Guideline

    GS1 Healthcare US® Implementation Guideline

    GS1 Healthcare US® Implementation Guideline Applying the GS1 System of Standards for U.S. FDA Unique Device Identification (UDI) Release 2.0, April 11, 2019 Implementation Guideline: Applying the GS1 System of Standards to U.S. FDA UDI Table of Contents Document Summary ................................................................................................ 5 Part 1: Preface ........................................................................................................ 6 1.1. Introduction ................................................................................................................. 7 1.2. Document Symbol Legend .............................................................................................. 7 1.3. Document Information ................................................................................................... 8 1.4. Overview of the GS1 Standards Used ............................................................................. 10 1.5. Overview of the U.S. FDA UDI Rule ................................................................................ 12 1.6. Background Concepts .................................................................................................. 15 Part 2: UDI Device Identifier (DI) -- GS1 GTIN ..................................................... 17 2.1 Global Trade Item Number ........................................................................................... 18 2.1.1 Definition ..................................................................................................................
  • Under the Same Umbrella: the GS1 and RAIN RFID Alliance Partnership

    Under the Same Umbrella: the GS1 and RAIN RFID Alliance Partnership

    Under the Same Umbrella: The GS1 and RAIN RFID Alliance Partnership Michelle Covey, Vice President of Partnerships, GS1 US March 6, 2019 Antitrust Caution GS1 US is committed to complying fully with antitrust laws. We ask and expect everyone to refrain from discussing prices, margins, discounts, suppliers, the timing of price changes, marketing or product plans, or other competitively sensitive topics. If anyone has concerns about the propriety of a discussion, please inform a GS1 US® representative as soon as possible. Please remember to make your own business decisions and that all GS1 Standards are voluntary and not mandatory. Please review the complete GS1 US antitrust policy at: www.gs1us.org/gs1-us-antitrust-compliance-policy © 2019 GS1 US All Rights Reserved 2 The only way businesses big or small can move forward is to work together. They need to be able to understand each other, anywhere in the world. Business requires a common language, and we make that possible. © 2019 GS1 US All Rights Reserved 3 GS1 Standards are the global language of business— a language for identifying, capturing, and sharing information automatically and accurately, so that anyone who wants that information can understand it, no matter who or where they are. © 2019 GS1 US All Rights Reserved 4 The Global Language of Business GS1 Standards Identify GS1 Identification Numbers Companies, Products, Locations, Logistics, Assets, and Services Capture GS1 Data Carriers Barcodes and EPC®-enabled RFID Share GS1 Data Exchange Master Data, Transactional Data, and Physical Event Data © 2019 GS1 US All Rights Reserved 5 Our Unique Role We bring GS1 is… communities • Neutral and not-for-profit together.
  • Partner Directory Wind River Partner Program

    Partner Directory Wind River Partner Program

    PARTNER DIRECTORY WIND RIVER PARTNER PROGRAM The Internet of Things (IoT), cloud computing, and Network Functions Virtualization are but some of the market forces at play today. These forces impact Wind River® customers in markets ranging from aerospace and defense to consumer, networking to automotive, and industrial to medical. The Wind River® edge-to-cloud portfolio of products is ideally suited to address the emerging needs of IoT, from the secure and managed intelligent devices at the edge to the gateway, into the critical network infrastructure, and up into the cloud. Wind River offers cross-architecture support. We are proud to partner with leading companies across various industries to help our mutual customers ease integration challenges; shorten development times; and provide greater functionality to their devices, systems, and networks for building IoT. With more than 200 members and still growing, Wind River has one of the embedded software industry’s largest ecosystems to complement its comprehensive portfolio. Please use this guide as a resource to identify companies that can help with your development across markets. For updates, browse our online Partner Directory. 2 | Partner Program Guide MARKET FOCUS For an alphabetical listing of all members of the *Clavister ..................................................37 Wind River Partner Program, please see the Cloudera ...................................................37 Partner Index on page 139. *Dell ..........................................................45 *EnterpriseWeb
  • 3 Security Threats for RFID Systems

    3 Security Threats for RFID Systems

    FIDIS Future of Identity in the Information Society Title: “D3.7 A Structured Collection on Information and Literature on Technological and Usability Aspects of Radio Frequency Identification (RFID)” Author: WP3 Editors: Martin Meints (ICPP) Reviewers: Jozef Vyskoc (VaF) Sandra Steinbrecher (TUD) Identifier: D3.7 Type: [Template] Version: 1.0 Date: Monday, 04 June 2007 Status: [Deliverable] Class: [Public] File: fidis-wp3-del3.7.literature_RFID.doc Summary In this deliverable the physical properties of RFID, types of RFID systems basing on the physical properties and operational aspects of RFID systems are introduced and described. An overview on currently know security threats for RFID systems, countermeasures and related cost aspects is given. This is followed by a brief overview on current areas of application for RFID. To put a light on status quo and trends of development in the private sector in the context of RFID, the results of a study carried out in 2004 and 2005 in Germany are summarised. This is followed by an overview on relevant standards in the context of RFID. This deliverable also includes a bibliography containing relevant literature in the context of RFID. This is published in the bibliographic system at http://www.fidis.net/interactive/rfid-bibliography/ Copyright © 2004-07 by the FIDIS consortium - EC Contract No. 507512 The FIDIS NoE receives research funding from the Community’s Sixth Framework Program FIDIS D3.7 Future of Identity in the Information Society (No. 507512) Copyright Notice: This document may not be copied, reproduced, or modified in whole or in part for any purpose without written permission from the FIDIS Consortium.
  • Ambient Intelligence

    Ambient Intelligence

    Fachbereich Informatik und Elektrotechnik AmI Ambient Intelligence Ambient Intelligence, Helmut Dispert Fachbereich Informatik und Elektrotechnik BAN – BSN - WBSN Ambient Intelligence • Body Area Network - BAN • Body Sensor Network – BSN • Wireless Body Sensor Network - WBSN Wireless body-area sensor networks (WBSNs) are key components of e-health solutions. Wearable wireless sensors can monitor and collect many different physiological parameters accurately, economically and efficiently. Ambient Intelligence, Helmut Dispert Fachbereich Informatik und Elektrotechnik BAN – BSN - WBSN Body sensing To address these issues, the concept of Body Sensor Networks (BSN) was first proposed in 2002 by Prof. Guang-Zhong Yang from Imperial College London. The aim of the BSN is to provide a truly personalised monitoring platform that is pervasive, intelligent, and invisible to the user. Example BSN system: represents a patient wearing a number of sensors on his body, each of which consists of a sensor connected to a small processor, wireless transmitter, and battery pack, forming a BSN node. The BSN node captures the sensor data, processes the data and then wirelessly transmits the information to a local processing unit, shown as a personal digital assistant (PDA) in the diagram. All this has been made possible by rapid advances in computing technology. Ambient Intelligence, Helmut Dispert Fachbereich Informatik und Elektrotechnik Literature Yang, Guang-Zhong (Ed.): Body Sensor Networks, Springer, 2006 ISBN: 978-1-84628-272-0 Ambient Intelligence,
  • Serialization Terms for Hospitals and Pharmacies

    Serialization Terms for Hospitals and Pharmacies

    HEALTHCARE GLOSSARY Serialization Terms for Hospitals and Pharmacies © 2018 TraceLink Inc. All Rights Reserved Serialization Terms for Hospitals and Pharmacies | 01 Introduction In 2020, DSCSA requires that hospitals and pharmacies receive drugs with unique product identifiers as part of the FDA’s broader track-and-trace regulations. In fact, as of 2017, pharmacies are already seeing packaging with new 2D barcodes and serial numbers—and they are seeing a lot of unfamiliar terms with origins in manufacturing, supply chain logistics, regulatory guidelines, information technology, and industry standards. Acronyms like “GTIN” and “EPCIS” are likely to become more familiar to hospitals and pharmacies as serialized product starts to appear on pharmacy shelves. Terms like “transaction” and “illegitimate product” have specific FDA definitions that are part of a broader compliance vocabulary. This collection of more than 100 terms will help you make sense of the changing landscape of healthcare delivery and make smart decisions as you plan your serialization strategy. #ABCDEFGHIJKLMNOPQRSTUVWXYZ © 2018 TraceLink Inc. All Rights Reserved Serialization Terms for Hospitals and Pharmacies | 02 GLOSSARY SERIALIZATION TERMS FOR HOSPITALS AND PHARMACIES # 3PL Third-Party Logistics. A contracted company that provides distribution services of finished goods on behalf of another company. A 3PL never takes ownership of the product although the product is in its possession. A ADR Authorized Distributor of Record. A wholesale distributor that a manufacturer designates or authorizes to distribute its products. Aggregation The process of recording the serial number of a container along with the serial numbers of its contents; often referred to as a parent/child relationship, or a serialized container to content relationship.